feat(vuln): expose isDirect

Co-authored-by: isaacs <i@izs.me> PR-URL: #323 Credit: @naugtur Close: #323 Reviewed-by: @isaacs
npm · Sep 28, 2021 · 50c293d · 50c293d
1 parent 6baafaa
commit 50c293d
Show file tree

Hide file tree

Showing 4 changed files with 214 additions and 3 deletions.
diff --git a/lib/vuln.js b/lib/vuln.js
@@ -82,6 +82,17 @@ class Vuln {
     }
   }
 
+  get isDirect () {
+    for (const node of this.nodes.values()) {
+      for (const edge of node.edgesIn) {
+        if (edge.from.isProjectRoot || edge.from.isWorkspace) {
+          return true
+        }
+      }
+    }
+    return false
+  }
+
   testSpec (spec) {
     const specObj = npa(spec)
     if (!specObj.registry) {
@@ -101,10 +112,10 @@ class Vuln {
   }
 
   toJSON () {
-    // sort so that they're always in a consistent order
     return {
       name: this.name,
       severity: this.severity,
+      isDirect: this.isDirect,
       // just loop over the advisories, since via is only Vuln objects,
       // and calculated advisories have all the info we need
       via: [...this.advisories].map(v => v.type === 'metavuln' ? v.dependency : {